Skip to content

Implement section 9 rules #5918

Implement section 9 rules

Implement section 9 rules #5918

Workflow file for this run

name: UnitTests
on:
pull_request:
branches:
- main
- "[0-9]+.[0-9]+"
types: [opened, synchronize, reopened]
push:
branches:
- main
env:
K8S_MANIFEST_DIR: deploy
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
unit_tests:
name: Unit Tests
runs-on: ubuntu-20.04
timeout-minutes: 40
steps:
- name: Check out the repo
uses: actions/checkout@v4
- name: Set up GO (with caching)
uses: magnetikonline/action-golang-cache@v4
with:
go-version-file: .go-version
- name: Mage build bundle before unit tests
uses: magefile/mage-action@v3
with:
args: buildOpaBundle
- name: Copy bundle to required dirs
run: |
cp bundle.tar.gz evaluator/
- name: Unit-Test
run: |
go install gotest.tools/gotestsum
GOOS=linux TEST_DIRECTORY=./... gotestsum --format pkgname -- -race -coverpkg=./... -coverprofile=cover.out.tmp
cat cover.out.tmp | grep -v "mock_.*.go" > cover.out # remove mock files from coverage report
- name: Upload coverage artifact
uses: actions/upload-artifact@v3
with:
name: coverage-file
path: cover.out
coverage:
name: Coverage report
needs: unit_tests
runs-on: ubuntu-20.04
timeout-minutes: 10
steps:
- name: Check out the repo
uses: actions/checkout@v4
- name: Init Hermit
run: ./bin/hermit env -r >> $GITHUB_ENV
- name: Install goveralls
run: go install github.com/mattn/goveralls@latest
- name: Download coverage artifact
uses: actions/download-artifact@v3
with:
name: coverage-file
- name: Send coverage
env:
COVERALLS_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: goveralls -coverprofile=cover.out -service=github
manifest_tests:
name: Manifest Tests
runs-on: ubuntu-20.04
timeout-minutes: 15
steps:
- name: Check out the repo
uses: actions/checkout@v4
- name: Get diff k8s manifests
uses: technote-space/get-diff-action@v6
with:
PATTERNS: ${{ env.K8S_MANIFEST_DIR }}/**
- name: Run K8s manifest tests
if: env.GIT_DIFF
uses: stefanprodan/kube-tools@v1
with:
kubectl: 1.18.4
kubeval: v0.16.1
command: |
kubeval --strict -d ${{ env.K8S_MANIFEST_DIR }} --ignore-missing-schemas --ignored-filename-patterns kustomization,kind,patch,cloudbeat,cloudformation,deployment-manager --skip-kinds ClusterConfig
golangci:
name: golangci-lint
runs-on: ubuntu-20.04
timeout-minutes: 15
steps:
- name: Check out the repo
uses: actions/checkout@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
repository: ${{ (github.event.pull_request_target || github.event.pull_request).head.repo.full_name }}
ref: ${{ (github.event.pull_request_target || github.event.pull_request).head.sha }}
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version-file: .go-version
cache: false
- name: Go linter
uses: golangci/[email protected]
with:
version: latest
args: --whole-files --verbose
dependency-review:
runs-on: ubuntu-20.04
if: ${{ github.event_name == 'pull_request' }}
steps:
- name: Checkout Repository
uses: actions/checkout@v4
- name: Dependency Review
uses: actions/dependency-review-action@v3
terraform-linter:
name: terraform-lint
runs-on: ubuntu-20.04
steps:
- name: Checkout Repository
uses: actions/checkout@v4
- name: Init Hermit
run: ./bin/hermit env -r >> $GITHUB_ENV
- name: Terraform fmt
run: terraform fmt -check -recursive